Nowadays, it is becoming increasingly necessary to provide a signed electronic document in a revision-proof manner. A so-called biometric-electronic signature has the advantage that a media breach, i.e. printing out an electronic document on paper for signature, is omitted. Moreover, a biometric feature, such as e.g., a signature, cannot be copied, stolen or forgotten.
The signature is an unambiguous declaration of intent and a long-recognized method for documenting intention. The usual signature method is not changed with the biometric-electronic signature; however, the signer is not required to be a member of a so-called trust center, as is necessary for a digital signature method. Furthermore, the, e.g., handwritten biometric-electronic signature can be examined by a handwriting expert and for example, can also be compared with signatures on paper; the same applies to a biometric-electronic signature using a fingerprint or voice sample, inter alia, whose features can also be examined by recognized experts according to time-tested methods.
For example, the law covering electronic signatures passed in the Federal Republic of Germany regulates the basic conditions for all paperless signature methods, such as e.g., the digital signature, as used in connection with so-called smart cards and the biometric-electronic signatures relevant herein. This law is based upon the EU-Guidelines for electronic signatures and thereby replaces the law covering digital signatures of 1997, which was limited to only Germany. Thus, a European-wide foundation has been created, based upon which products for electronic signature can be employed in a cross-border manner. It can be assumed that the electronic signature will thereby gain a larger foothold in Europe.
Many large companies now produce their internal workflow almost exclusively electronically. However, up to now, the interface to the “outside world”—e.g., outside contractors such as insurance agents, etc.—has remained paper-bound nearly everywhere. Studies have shown that, for every dollar spent on the production of paper, another 30 to 60 dollars are incurred for the further processing thereof. The biometric-electronic signature thus offers companies the possibility of having electronic documents signed electronically instead of on paper.
In spite of substantial efforts, a biometric-electronic signature of an outside person could not, as of yet, be integrated into an electronic workflow without a media-breach using electronic methods. This shortcoming was due to the legal situation, which was applicable until recently, and also to the previous approaches to solving this problem. The electronic signature captures, which were previously known, now allow every end customer to provide an unmistakable declaration of intent without having to possess a special apparatus or certificate; the declaration of intention is directly transferred into an electronic document as a biometric-electronic signature. This form of biometric signature certainly already possesses a high degree of acceptance today (e.g., in the form of handwritten electronic signatures), in particular due to the well-known package delivery services. However, the misgivings relating to improper use and manipulation of signatures, which are utilized for the execution of contracts, etc., are still very high.
Nevertheless, the biometric-electronic signature is increasingly gaining in importance. From a simple document to a complex agreement, the biometric signature can no longer be ignored for everyday matters. However, the precautions for preventing the manipulation of a biometrically-signed electronic document can still be improved.
It has become known in the interim, with the aid of devices for electronically capturing the signature—so-called signature pads (see e.g., DE 10 2006 000 859.6 and the signature pads of StepOver GmbH/Germany offered under the product names: blueMobile Pad, blueMobile Pad LCD, plusPad and plusPad LCD)—, to realize the handwritten electronic signature without a media-breach during the processing of a digital document from the writing thereof until the archiving thereof. Thus, the central aspect of the problem is the unambiguous correlation of a handwritten electronic signature to a document and to a person. It is also known in the interim to make possible an automatic authenticity-check using the captured biometric data from the handwritten electronic signature and thus to almost completely exclude an improper use. However, it has been shown that security can be still further improved to prevent modification and manipulation of a biometrically-signed (e.g., a handwritten signature) electronic document, or to prevent modification and manipulation of the biometrical data. In particular, known signature systems comprising a computer device, e.g., a personal computer, and a signature capture apparatus, e.g. a signature pad, may have the problem that biometrical data representing the signature of the handwritten signature of a signer are not secure during the transfer of the data from the signature capture apparatus to the computer apparatus.
These signature capture apparatus do not have a monitor/screen applicable to display the electronic document to be signed. The reason is that the monitor/screen of the signature capture apparatus has normally not the dimensions applicable to display the document to be signed. The signature capture device or signature pad normally has a screen or monitor with dimensions which are only applicable to show a field or area where the signature has to be made and very limited information can be displayed. The electronic document to be signed is stored on a separate computer apparatus and the signer executing his signature to this electronic document has to rely on that this signature is really used to electronically signing the document shown on a monitor/screen of the separate computer apparatus. Consequently, the split-up of the computer apparatus and the signature capture apparatus may be a source for manipulation of the signature or the electronic document. Furthermore, the signer may hesitate to sign the document which can only be shown on the monitor/screen of the separate computer apparatus and not on the device on which the signer executes his signature.
WO 2006/111979 A discloses a method and apparatus for incorporating a digital signature to within a document for paper-less office. The method comprises generating the document to be signed on a computer and transferring it and displaying it on a device for incorporating digital signature. The device for incorporating the digital signature comprises a screen, signature means such as an electronic pen or finger print capturing device, and at least one smart card reader. Then, the document is being digitally signed. The digitally signed document is being encrypted and transferred to the computer so as to prevent restoration of the digital signature. From the customer side, the procedure is based on “what you see is what you sign”. This known method and apparatus requires a special device for incorporating digital signature, namely a device having a screen with dimensions applicable for displaying the documents to be signed. In addition, a smart card reader is necessary.
Another electronic signature management system is disclosed in U.S. Pat. No. 6,307,955 B1. Here, the electronic signature management system includes a graphic tablet digitizer for signaling position coordinates of stylus being moved to produce a hand-written signature, a clock circuit of the digitizer defining a fixed interval between successive stylus position managements measurements, a computer processor electrically interfaced with the tablet and programmed for receiving and storing a multiplicity of the coordinates in sequential order as an electronic signature forming a time history of the stylus movement. The computer is also programmed for verifying the fixed time intervals of the measurements, and for comparing the electronic signature with a reference signature. The electronic signature is preferably encrypted using a hash function or message digits of the document as a key. Also disclosed are methods for electronically signing a document, wherein the electronic signature is electronically bound to the document. The electronic signature is encrypted using a key derived from the document and not saved.
U.S. Pat. No. 7,024,562 B1 discloses a method for carrying out digital signature and a system therefore. In this known method a data packet is sent from a sender to a recipient. The sender and the recipient are connected to a data network via network connection means. A biometric sample of the person is sampled and converted to a digital form. A first digital seal is produced from the combination of the digital data packet and the biometrics sample, or from two or more digital seals derived from the digital data packet and the biometric sample. The digital data packet and the biometric sample and the digital seal are sent to the recipient. A second digital seal is produced from the combinations of received digital data packet and the received biometric sample. The first and the second seals are compared and in the first and second seals are identical, the authentication of the digital signature is approved. Otherwise, the authentication of the digital signature is denied.
A similar method and system is shown in U.S. Pat. No. 5,689,567. Here, a signature object document is hashed to generate a hash sum. The signature image is encrypted with the generated hash sum. Then, the encrypted signature image is encrypted in accordance with the secret information to generate a signature document.
For the sake of clarity, various important terms for the present disclosure are defined as follows:    Electronic signature: reference is made to the corresponding definition in the Guidelines 1999/93/EG of the European Parliament and the European Council concerning the Community Framework for Electronic Signatures, which were published on Jan. 19, 2000 in the Official Journal of the European Community (AB1. L 13 of Jan. 19, 2000, Page 12).    Biometric electronic signature: like an electronic signature, supplemented with an unambiguous biometric identification feature of a person, such as e.g., a fingerprint, a handwritten signature, voice recording, etc., which is securely linked with an electronic data set and/or is inserted therein and is connected by means of a hash sum with the data content present at the time point of the signature.    Signature image: a visualization of the signature feature (that is, e.g., the two-dimensional image of a fingerprint, a signature, etc.), or file including the 2D image of the fingerprint, signature, etc.    Biometric data: a data set and/or file of a person linked to a feature (such as a fingerprint, a voice recording, a signature, etc.). In contrast to the signature image, biometric data includes, in part, higher resolution and not two-dimensionally depictable information concerning the respective identification feature (e.g., 3-D fingerprint, script image inclusive of writing speed, pressure procession, time of signature, etc.).    Signature data: a data set and/or file and/or data relating to the signature executed by a person, e.g. a combination of the signature image data and the biometric data.    Electronic document: a data set and/or file, which includes data that can be provided or represented in a form readable or understandable by a human using an appropriate device.